Although convenient, Internet transactions are often insecure and/or easily compromised. For example, malicious individuals may use stolen login information to access the online accounts of users via the Internet, potentially leading to the exposure of sensitive personal and/or financial information. In view of these and other security risks associated with Internet transactions, some institutions have begun using out-of-band authentication procedures in an attempt to verify the legitimacy of, and/or to authenticate the users involved in, such transactions. For example, an institution (such as a financial institution) may, upon receiving a request from a user to initiate a transaction via the Internet, send a confirmation code to the user via an alternative means of communication (e.g., by sending a text message to the user's mobile computing device). In this example, the user may then submit the confirmation code to the institution via the Internet in order to authenticate himself/herself and/or to verify the legitimacy of the transaction.
Unfortunately, malware authors may compromise such out-of-band authentication procedures by installing malware on an unsuspecting user's mobile computing device (by, e.g., tricking the user into downloading a malicious application and/or exploiting vulnerabilities in the device's web browser) that is designed to intercept the confirmation codes generated during such authentication procedures. Once this malware is installed, the malware author may successfully pose as the user during an illegitimate transaction with an institution that requires out-of-band authentication by 1) initiating the transaction with the institution, 2) using the malware installed on the user's mobile computing device to intercept out-of-band confirmation codes sent from the institution to the user's mobile computing device during an out-of-band authentication procedure associated with the transaction, and then 3) using the intercepted confirmation codes to complete the out-of-band authentication procedure and conduct the illegitimate transaction with the institution.
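The confirmation-code exchange described above, seen from the institution's side, as an added example that is not part of the original text. The class and function names, the six-digit code, the five-minute lifetime and the three-attempt limit are all assumptions. Note that `confirm` checks only the code value, so it accepts the code from whichever party read the out-of-band message; this is the weakness the preceding paragraph describes.

```python
import hmac
import secrets
import time

CODE_TTL_SECONDS = 300   # assumed validity window
MAX_ATTEMPTS = 3         # assumed retry limit


class OutOfBandAuthenticator:
    """Institution side of the confirmation-code exchange (hypothetical names)."""

    def __init__(self, send_out_of_band, clock=time.time):
        self._send = send_out_of_band   # callable(user_id, message), e.g. an SMS gateway
        self._clock = clock
        self._pending = {}              # transaction_id -> [code, expires_at, attempts_left]

    def start_transaction(self, transaction_id, user_id):
        """Step 1: a transaction request arrives over the Internet channel."""
        code = f"{secrets.randbelow(10**6):06d}"
        self._pending[transaction_id] = [code, self._clock() + CODE_TTL_SECONDS, MAX_ATTEMPTS]
        # Step 2: the code leaves on the alternative channel, never in the web response.
        self._send(user_id, f"Confirmation code: {code}")

    def confirm(self, transaction_id, submitted_code):
        """Step 3: the code comes back over the Internet channel."""
        entry = self._pending.get(transaction_id)
        if entry is None:
            return False
        code, expires_at, attempts_left = entry
        if self._clock() > expires_at or attempts_left <= 0:
            del self._pending[transaction_id]
            return False
        entry[2] = attempts_left - 1
        if hmac.compare_digest(code.encode(), submitted_code.encode()):
            del self._pending[transaction_id]   # single use: a replayed code is rejected
            return True
        return False


def demo():
    """Constructed walk-through: results for a wrong, a correct and a replayed code."""
    inbox = []                                   # stands in for the user's mobile device
    auth = OutOfBandAuthenticator(lambda user, msg: inbox.append((user, msg)))
    auth.start_transaction("txn-1", "alice")
    code = inbox[-1][1].rsplit(" ", 1)[1]        # any reader of the message holds the code
    wrong = "000000" if code != "000000" else "111111"
    return auth.confirm("txn-1", wrong), auth.confirm("txn-1", code), auth.confirm("txn-1", code)
```

Expiry, single use and attempt limits narrow the window in which a code is useful, but none of them ties the submission to the legitimate user's device.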
In view of the above, the instant disclosure identifies and addresses a need for systems and methods for detecting and remediating illegitimate out-of-band authentication attempts.